
What is Cybersecurity?

Cybersecurity is the practice of defending computers, servers, mobile devices,
electronic systems, networks, and data from malicious attacks. It's also known as
information technology security or electronic information security.

Areas of Cybersecurity:

1. Network Security:
o Protects the integrity, confidentiality, and availability of data as it is transmitted
across networks.
o Includes firewalls, intrusion detection systems (IDS), and virtual private networks
(VPNs).
2. Information Security:
o Protects data from unauthorized access, use, disclosure, disruption, modification,
or destruction.
o Encompasses encryption, data masking, and access controls.
3. Application Security:
o Ensures that applications are designed, developed, and deployed securely.
o Involves secure coding practices, code reviews, and application firewalls.
4. Endpoint Security:
o Protects devices such as computers, smartphones, and tablets from cyber
threats.
o Includes antivirus software, anti-malware tools, and device management
solutions.
5. Identity and Access Management (IAM):
o Ensures that the right individuals access the right resources at the right times
for the right reasons.
o Involves authentication, authorization, and user lifecycle management.
6. Cloud Security:
o Protects data, applications, and services in cloud environments.
o Involves cloud access security brokers (CASBs), cloud workload protection
platforms (CWPPs), and secure cloud configurations.
What is an information system?
An information system (IS) is an interconnected set of components used to collect, store,
process and transmit data and digital information. At its core, it is a collection of hardware,
software, data, people and processes that work together to transform raw data into useful
information. An IS supports a variety of business objectives such as improved customer
service or increased efficiency.

How does an information system work?


An IS is a powerful tool that can bring many different functions together. By connecting
system components, it enables IT departments to collect, store and process information in
an efficient way and distribute it for a variety of purposes. The system can also produce
reporting in different formats and to a variety of devices. Reports can include text files,
spreadsheets, graphics and complex data visualizations. This comprehensive platform
streamlines internal operations and allows businesses to access data quickly and
accurately.

The basic process an IS follows includes the following steps:

1. Input. The system collects data and information from various sources, such as
sensors, keyboards, scanners or databases.

2. Processing. The system transforms the raw data into meaningful information by
applying various operations, such as sorting, classifying, calculating, analyzing or
synthesizing.

3. Storage. The system stores the processed information in a structured and secure way,
such as in a database, a file system or in cloud storage.

4. Output. The system presents the information to the users in a usable format, such as
reports, graphs, charts or dashboards.

5. Feedback. The system collects feedback from users and other stakeholders to
evaluate its performance and improve its design and functionality.
Components of information systems
An IS is composed of a variety of components, from physical hardware to software and
data. Each component serves an important role in the overall functioning of the system.

Hardware for an IS includes computers and servers. Computer hardware is essential for
providing users with access to the system, while servers provide storage space for data,
programs and applications that make up the system.

Networks such as local area networks (LANs), wide area networks (WANs), intranets
and cloud networks are important for interconnecting different components and allowing
user access from anywhere in an organization.

Software is an integral part of an IS. Operating systems such as Windows or Linux
provide underlying platforms, while databases allow users to store and retrieve large
amounts of data. An enterprise may run on hundreds of different software applications, as
well as large software packages that integrate multiple applications.

Data is another important component. This includes structured data stored in databases,
as well as unstructured data such as text documents, images or audio files. Users can
access this data through various applications within the system for reporting or analysis
purposes.

People play a key role in any IS, from administrators who manage the system itself to
users who interact with it daily. Administrators must understand how to configure
hardware and software and troubleshoot issues. Meanwhile, end users must become
familiar with interfaces and learn to perform tasks within the system to get work done.

Processes governing how components work together within an IS are critical. IT leaders
must define procedures for everything from setting up secure user accounts to creating
emergency backup plans. Understanding how all these pieces fit together is essential for
an IS to meet a company's needs effectively.
Types of information systems
Businesses can optimize their operations with five types of IS.

Management information systems (MIS) are computerized systems that collect, store, process
and present data to support management decision-making. For example, an MIS in a hospital may
collect data on patient admissions, treatments and outcomes to help its administrators make
decisions about resource allocation and process improvements.

Knowledge work systems (KWS) are computer-based systems that support knowledge workers,
such as researchers, analysts and consultants, by helping them create reports and presentations. For
example, a KWS used by a marketing team may help create marketing materials, analyze customer
data and track marketing campaigns.

Decision support systems (DSS) and business intelligence (BI) provide users with the ability to
explore and analyze data to gain insights into business performance. For example, a system used by
a retail chain may collect and analyze data on customer demographics, buying behavior and sales
performance to guide changes in inventory management and marketing campaigns.

Transaction processing systems (TPS) support operational processes that produce and consume
data. For example, a TPS used by a bank may process customer transactions, such as deposits and
withdrawals, and maintain account balances.

Executive information systems (EIS), a type of DSS, provide senior executives with access to
high-level information about the organization. EIS provides executives with real-time information
and analytical tools to support strategic decision-making. For example, an EIS intended for a CEO
may provide information on the company's financial performance, market trends and competitive
landscape.

Managing information systems


System security
Data management
Network management
System maintenance
What is a Threat?
A threat is a possible security violation that might exploit the vulnerability of a system or
asset. The origin of the threat may be accidental, environmental (natural disaster),
human negligence, or human failure. Different types of security threats are interruption,
interception, fabrication, and modification.

Types of Threats
• Unstructured Threats: Unstructured threats are typically executed by inexperienced
individuals using easily accessible hacking tools like shell scripts and password
crackers. Even if executed solely to test a hacker’s skills, they can cause significant
damage to a company.
• Structured Threats: A structured threat involves an organized attempt to breach a
specific network or organization. These threats come from highly motivated and
technically proficient hackers.
• External Threats: External threats might come from individuals or organizations
working outside the company. They have unauthorized access to the computer
systems and network. They typically enter a network via the Internet or dial-up access
servers.
• Internal Threats: Internal dangers occur due to authorized network access, whether
through a server account or physical access.

Cyber Threats:
Malware

Malware means malicious software. One of the most common cyber threats, malware is
software that a cybercriminal or hacker has created to disrupt or damage a legitimate user’s
computer. Often spread via an unsolicited email attachment or legitimate-looking download,
malware may be used by cybercriminals to make money or in politically motivated cyber-
attacks.

There are a number of different types of malware, including:

Virus: A self-replicating program that attaches itself to clean files and
spreads throughout a computer system, infecting files with malicious code.
Worm: A software program that can copy itself from one computer to
another without human interaction. The potential risk here is that it will use up your
computer's hard disk space, because a worm can replicate in great volume and with great
speed.
Trojans: A type of malware that is disguised as legitimate software.
Cybercriminals trick users into uploading Trojans onto their computer where
they cause damage or collect data.
Spyware: A program that secretly records what a user does, so that
cybercriminals can make use of this information. For example, spyware could
capture credit card details.
Ransomware: Malware which locks down a user’s files and data, with the
threat of erasing it unless a ransom is paid.
Adware: Advertising software which can be used to spread malware.
Botnets: Networks of malware infected computers which cybercriminals use
to perform tasks online without the user’s permission.
SQL injection

An SQL (Structured Query Language) injection is a type of cyber-attack used to take control
of and steal data from a database. Cybercriminals exploit vulnerabilities in data-driven
applications to insert malicious code into a database via a malicious SQL statement. This
gives them access to the sensitive information contained in the database.

Phishing

Phishing is when cybercriminals target victims with emails that appear to be from a
legitimate company asking for sensitive information. Phishing attacks are often used to dupe
people into handing over credit card data and other personal information.

Man-in-the-middle attack

A man-in-the-middle attack is a type of cyber threat where a cybercriminal intercepts
communication between two individuals in order to steal data. For example, on an unsecure
WiFi network, an attacker could intercept data being passed between the victim’s device and
the network.
Denial-of-service attack

A denial-of-service attack is where cybercriminals prevent a computer system from fulfilling
legitimate requests by overwhelming the networks and servers with traffic. This renders the
system unusable, preventing an organization from carrying out vital functions.

What is cybercrime?

Cybercrime is criminal activity that either targets or uses a computer, a computer
network or a networked device. Most cybercrime is committed by cybercriminals or
hackers who want to make money. However, occasionally cybercrime aims to damage
computers or networks for reasons other than profit. These could be political or
personal.
Cybercrime can be carried out by individuals or organizations. Some cybercriminals
are organized, use advanced techniques and are highly technically skilled. Others are
novice hackers.

Types of cybercrime include:

1. Email and internet fraud.

2. Identity fraud (where personal information is stolen and used).

3. Theft of financial or card payment data.

4. Theft and sale of corporate data.

5. Cyberextortion (demanding money to prevent a threatened attack).

6. Ransomware attacks (a type of cyberextortion).


7. Cryptojacking (where hackers mine cryptocurrency using resources they do not own).
8. Cyberespionage (where hackers access government or company data).

9. Interfering with systems in a way that compromises a network.

10. Infringing copyright.

11. Illegal gambling.

12. Selling illegal items online.


What is a cyberattack?
A cyberattack is an attempt to steal, alter, destroy, disrupt, or disable information resources
and systems found in computer networks and systems. Cyberattacks can fit into two
categories: insider threats or outsider threats. Insider threats stem from individuals with
legitimate access to the systems they target, using their access to exploit vulnerabilities
intentionally or inadvertently. They could be committed by a dissatisfied or angry employee
or a contractor with access to the organization’s systems. An outsider threat is from
someone who doesn’t have any affiliation with the system they’re attacking, such as
criminal organizations or hackers.
Who do cyberattackers target?
Cyberattackers commonly target industries including health care, government, non-profits,
and finance companies. The health care industry has been especially susceptible to being
targeted by attackers. This is because health care organizations have access to many
people's personal data. Since health care infrastructure is so critical, ransomware attackers
understand that these organizations will likely pay their demands quickly.
Common types of cyberattacks
Cyberattacks can have motives other than financial gain. Some cyberattacks focus on
destroying or gaining access to critical data.

Organizations and individuals face the following typical types of cyberattacks:


1. Malware

Cyberattackers use harmful software known as malware, such as spyware, viruses,
ransomware, and worms, to access your system's data. When you click on a malicious attachment
or link, the malware can install itself and become active on your device.
2. Phishing

Phishing attacks rely on communication methods like email to convince you to open the
message and follow the instructions inside. If you follow the attackers’ instructions, they
gain access to personal data, such as credit cards, and can install malware on your device.
3. Spoofing

Cyber attackers will sometimes imitate people or companies to trick you into giving up
personal information. This can happen in different ways. A common spoofing strategy
involves using a fake caller ID, where the person receiving the call doesn’t see that the
number is falsified. Other spoofing methods include subverting facial recognition systems,
using a fake domain name, or creating a fake website.
4. Backdoor Trojan

Backdoor Trojan attacks involve malicious programs that can deceptively install malware or
data and open up what’s referred to as the “backdoor” to your computer system. When
attackers gain access to the backdoor, they can hijack the device without it being known to
the user.
5. Ransomware

Ransomware is malicious software that cyberattackers can install on your device, allowing
them to block your access until you pay the attackers a ransom. However, paying the
ransom doesn’t guarantee the removal of the software, so experts often advise individuals
not to pay the ransom if possible.
6. Password attacks

Password attacks can be as simple as someone correctly guessing your password, or can involve
other methods such as keylogging, where attackers can monitor the information you type and
then identify passwords. An attacker can also use the aforementioned phishing approach to
masquerade as a trusted site and try to fool you into revealing your account credentials.
7. Internet of Things attack

Communication channels between connected IoT components can be susceptible to
cyberattacks, as can the applications and software found on IoT devices. Since IoT devices are
connected to one another through the internet and may have limited security features,
there is a larger attack surface that attackers can target.
8. Cryptojacking

Cryptojacking involves gaining unauthorized use of a computer system, usually through
malware that allows the attacker to use the computer's resources for mining cryptocurrency.
Mining cryptocurrency can come with significant operational costs, so cryptojacking
provides attackers with a way to avoid these expenses.
9. Drive-by download

Drive-by download attacks occur when you download malicious code to your device through
an app, website, or operating system with flawed security systems. This means you could
do nothing wrong and still be a victim of a drive-by download since it can occur due to a lack
of security measures on a site you believe to be safe.
10. Denial-of-service attack

A denial-of-service attack causes an entire device or operating system to shut down by
overwhelming it with traffic, causing it to crash. Attackers don’t often use this method to
steal information. Instead, it costs the victim time and money to get their systems up and
running again. Cybercriminals typically use this method when the target is a trade
organization or government entity.
How to prevent cyberattacks
An important first step in preventing cyberattacks is ensuring you and other employees at
your organization are aware of the potential for cyberattacks. Being mindful before clicking
links and checking the sender's email address to ensure it appears legitimate can go a long
way in ensuring your data and systems are kept safe.
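
The sender check described above can be partly automated. The following is an added example, not part of the original notes, that classifies a message's From header against a list of domains the organization trusts. The trusted domain, the sample headers in the comments, the edit-distance threshold of 2 and all function names are assumptions made for illustration.

```python
from email.utils import parseaddr

# Constructed allowlist; a real deployment would load its own domains.
TRUSTED = {"example-bank.com"}


def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row DP)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def check_sender(from_header):
    """Classify a From header as trusted, lookalike, mismatch or unknown."""
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return "unparseable"
    domain = addr.rpartition("@")[2].lower()
    if domain in TRUSTED:
        return "trusted"
    for good in TRUSTED:
        # A domain one or two characters away from a trusted one is a
        # typical lookalike (for example, a digit 1 in place of a letter l).
        if edit_distance(domain, good) <= 2:
            return "lookalike"
        # The display name claims the brand but the domain is unrelated.
        brand = good.split(".")[0].replace("-", " ")
        if brand in display.lower():
            return "display-name mismatch"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers.
    samples = [
        "Example Bank <alerts@example-bank.com>",
        "Example Bank <alerts@examp1e-bank.com>",
        "Example Bank Support <support@mail-secure.net>",
        "Newsletter <news@shop.example>",
    ]
    for header in samples:
        print(f"{check_sender(header):22} {header}")
```

A "lookalike" or "display-name mismatch" result is a reason to treat the message as suspicious; an "unknown" result only means the domain is not on the list.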

Here are some useful tips to prevent cyberattacks:


Update your software.

Up-to-date software systems are more resilient than outdated versions, which may be prone
to having weaknesses. Updates can correct any flaws and weaknesses in the software, so
having the latest version is optimal. Additionally, consider keeping software systems
updated by investing in a patch management system.
Install a firewall.

Firewalls are helpful in preventing a variety of attacks, such as backdoors and denial-of-
service attacks. They work by controlling the network traffic moving through your system. A
firewall will also stop any suspicious activity it deems potentially harmful to the computer.
Back up data.

When you back up data, you move it to a different, secure location for storage. This might
involve using cloud storage or a physical device like a hard drive. In case of an attack,
backing up your data allows you to recover any lost data.
Encrypt data.

Data encryption is a popular way to prevent cyberattacks, and it ensures data is only
accessible to those who have the decryption key. To successfully attack encrypted data,
attackers often have to rely on the brute force method of trying different keys until they can
guess the right one, making breaking the encryption challenging.
Use strong passwords.

You should have strong passwords to prevent attacks and avoid using the same passwords
for different accounts and systems. Using the same password repeatedly increases the risk
of giving attackers access to all your information. Regularly updating your passwords and
using passwords that combine special characters, upper and lowercase letters, and
numbers can help protect your accounts.
